United States Patent and Trademark Office 



UNITED STATES DEPARTMENT OF COMMERCE 
United States Patent and Trademark Office 
Address: COMMISSIONER FOR PATENTS 
P.O.Box 1450 

Alexandria. Virginia 22313-1450 
www.uspto.gov 



APPLICATION NO. 



FILING DATE 



FIRST NAMED INVENTOR 



ATTORNEY DOCKET NO. 



CONFIRMATION NO. 



09/721,398 



1 1/22/2000 



01/21/2005 



22801 7590 

LEE & HAYES PLLC 

421 W RIVERSIDE AVENUE SUITE 500 

SPOKANE, WA 99201 



Paul England 



MS1-654US 



2720 



EXAMINER 



ART UNIT 



BETIT, JACOB F 

in 



PAPER NUMBER 



2164 

DATE MAILED: 01/21/2005 



Please find below and/or attached an Office communication concerning this application or proceeding. 



PTO-90C (Rev. 10/03) 



Office Action Summsrv 


Application No. 

09/721,398 


Applicant(s) 
ENGLAND ET AL. 


Examiner 

Jacob F. Betit 


Art Unit 
2164 





•• The MAILING DATE of this communication appears on the cover sheet with the c rrespondence address •■ 
Period for Reply 

A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )D Responsive to communication(s) filed on 30 June 2004 . 
2a)^3 This action is FINAL. 2b)0 This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) £3 Claim(s) 1-28 and 30-91 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) [El Claim(s) 30-33.62 and 63 is/are allowed. 

6) EK] Claim(s) 1-16.22-28,34-39.42-52.57-61 and 64-91 is/are rejected. 

7) [X] Claim(s) 17-21.40.41 and 53-56 is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10)Q The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
11 )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

1 2)D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 1 9(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2.Q Certified copies of the priority documents have been received in Application No. . 



/ 



3.D Copies of the certified copies of the priority documents have been received in this National St^ge^ 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 

SAM RIMELL 
PRIMARY EXAMINER 




Attachment(s) 

1) D Notice of References Cited (PTO-892) 

2) O Notice of Draftsperson's Patent Drawing Review (PTO-948) 

3) S Information Disclosure Statement(s) (PTO-1449 or PTO/SB/08) 

Paper No(s)/Mail Date 12/2/04 . 



4) O Interview Summary (PTO-413) 

Paper No(s)/Mail Date. . 

5) □ Notice of Informal Patent Application (PTCM52) 

6) □ Other: . 



U.S. Patent and Trademark Office 

PTOL-326 (Rev. 1-04) 



Office Action Summary 



Part of Paper No./Mail Date 20050105 



Application/Control Number: 09/721,398 Page 2 

Art Unit: 2164 

DETAILED ACTION 



Remarks 

1 . In response to communications filed on 30-June-2004, claims 9, 18, 20, 23, 30-33, 42, 57, 
60, and 62 are amended per applicant's request. Claims 1-91 are presently pending in the 
application. 



Claim Rejections - 35 USC §102 
2. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in a patent granted on an application for patent by another filed in the United 
States before the invention thereof by the applicant for patent, or on an international application by another who 
has fulfilled the requirements of paragraphs (1), (2), and (4) of section 371(c) of this title before the invention 
thereof by the applicant for patent. 

The changes made to 35 U.S.C. 102(e) by the American Inventors Protection Act of 1999 
(AIPA) and the Intellectual Property and High Technology Technical Amendments Act of 2002 
do not apply when the reference is a U.S. patent resulting directly or indirectly from an 
international application filed before November 29, 2000. Therefore, the prior art date of the 
reference is determined under 35 U.S.C. 102(e) prior to the amendment by the AIPA (pre-AIPA 
35 U.S.C. 102(e)). 



3. Claims 1, 6-7, 12-13, 16, 22-28, 34-39, 43-45, 57-60, 64-66, 68-74, and 79-91 are 
rejected under 35 U.S.C. 102(e) as being anticipated by Vu et al. (U.S. patent No. 6,557,104 B2. 



Application/Control Number: 09/721,398 
Art Unit: 2164 



Page 3 



As to claim 1, Vu et ah teaches one or more computer-readable media having stored 
thereon a plurality of instructions that, when executed by one or more processors of a computer 
(see column 7, lines 12-30), causes the one or more processors to perform acts including: 

allowing operation of the computer to begin based on untrusted code (see column 6, lines 

3-21); 

loading, under control of the untrusted code, a trusted core into memory (see column 6, 
lines 3-10); 

preventing each of one or mere central processing units and each of one or more bus 
masters in the computer from accessing the memory (see column 4, lines 63-67); 

resetting each of the one or more central processing units (see column 5, lines 27-35); 

allowing one central processing unit to access the memory and execute trusted core 
initialization code to initialize the trusted core (see column 5, lines 33-40); and 

after execution of the trusted core has been initialized, allowing any other central 
processing units and any bus masters in the computer to access the memory (see column 5, lines 
33-40). 

As to claim 6, Vu et al. teaches wherein the preventing comprises preventing each of the 
one or more central processing units and each of the one or more bus masters from accessing the 
memory in response to an initialize misted core command received from one of the one or more 
central processing units (see column 4, lines 63-67). 
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As to claim 7, Vu et al. teaches wherein the loading the misted core comprises copying 
different portions of the trusted core from a plurality of different sources (see column 4, lines 52- 
62). 

As to claim 12, Vu et al. teaches wherein the loading the trusted core comprises copying 
at least a portion of the trusted core from a chip of the computer (see column 4, lines 52-62). 

As to claim 13, Vu et al. teaches wherein the preventing comprises ignoring all requests 
for access to the memory from the one or more central processing units and one or more bus 
masters (see column 4, lines 63-67). 

As to claim 16, Vu et al. teaches wherein the resetting each of the one or more central 
processing units comprises asserting a processor bus reset signal to each of the one or more 
central processing units (see column 5, lines 27-35). 

As to claim 22, Vu et al. teaches wherein the plurality of instructions further cause the 
one or more processors to perform acts including loading microcode from the; trusted core in 
memory into the one central processing unit after resetting the central processing unit (see 
column 5, lines 33-40). 



As to claim 23, Vu et al. teaches a method comprising: 

booting, based on untrustworthy code, a computer (see column 6, lines 3-21); 
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loading a trusted core into memory (see column 6, lines 3-10); and 

initiating secure execution of the trusted core (see column 5, lines 33-40), including 

preventing each of one or more central processing units in the computer from 
accessing the memory; preventing each of one or more bus masters in the computer from 
accessing the memory (see column 4, line 63 through column 5, line 10); 

resetting each of the one or more central processing units after each of the one or 
more central processing units has been prevented from accessing the memory and after 
each of the one or more bus masters has been prevented from accessing the memory (see 
column 5, lines 24-33); 

allowing, after the resetting, one of the one or more central processing units to 
access the memory and execute a trusted core initialization process (see column 5, lines 
33-48); and 

after the execution of the trusted core initialization process, allowing any other 
central processing units and any of the one or more bus masters to access the memory 
(see column 5, lines 33-40). 

As to claim 24, Vu et al. teaches further comprising: 

allowing execution of the trusted core to terminate(see column 5, lines 40-43); and 
re-initiating secure execution of the trusted core without re-booting the computer (see 

column 5, lines 24-30, where it is inherent that the "secure services routine" can be initiated 

whenever they are needed by calling an interrupt). 
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As to claim 25, Vu et al. teaches further comprising: 

allowing execution of the trusted core to terminate (see column 5, lines 40-43); 
loading another trusted core into memory (see column 6, lines 3-21); and 
initiating secure execution of the other trusted core (see column 5, lines 33-40). 

As to claim 26, Vu et al. teaches wherein the trusted core and the other trusted core are 
different versions of the same trusted core (see column 5, lines 33-40, where it is inherent that 
the other trusted core could be a different version of the same trusted core especially during the 
development of the trusted core). 

As to claim 27, Vu et al. teaches wherein the initiating comprises initiating secure 
execution of the trusted core in response to an initialize trusted core command received from one 
of the one or more central processing units (see column 5, lines 27-34). 

As to claim 28, Vu et al. teaches wherein the initiating comprises initiating secure 
execution of the untrusted core without requiring any additional bus transactions to be supported 
by processors in the computer (see column 3, line 61 thought column 4, line 10). 

As to claim 34, Vu et al. teaches wherein the loading the trusted core comprises copying 
different portions of the trusted core from a plurality of different sources including one or more 
of: a local mass storage device, a remote device, and a local chipset (see column 4, lines 52-62). 
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As to claim 35, Vu et al. teaches one or more computer-readable memories containing a 
computer program that is executable by a processor to perform the method recited in claim 23 
(see column 7, lines 12-30 and see rejected claim 23 above). 

As to claim 36, Vu et al. teaches a method (see abstract) comprising: 

allowing a computer to begin operation based on untrustworthy code (see column 6, lines 

3-21); 

loading, under the control of the untrustworthy code, additional code into memory (see 
column 6, lines 3-10); and 

initiating execution of the additional code in a secure manner despite the untrustworthy 
code in the computer (see column 5, lines 33-40). 

As to claim 37, Vu et al teaches wherein the initiating further comprises initiating 
execution of the additional code in a secure manner despite both the untrustworthy code in the 
computer and other pre-existent state of the computer (see column 5, lines 33-40). 

As to claim 38, Vu et al. teaches wherein the initiating execution of the additional code in 
a secure manner comprises: 

preventing each of one or more central processing units in the computer from accessing 
the memory (see column 4, lines 63-67); 

preventing each of one or more bus masters in the computer from accessing the memory 
(see column 4, lines 63-67); 
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resetting each of the one or more central processing units (see column 5, lines 27-35); 

allowing one central processing unit to access the memory and execute a code 
initialization process (see column 5, lines 33-40); and 

after execution of the code initialization process, allowing any other central processing 
units and any of the one or more bus masters to access the memory (see column 5, lines 33-40). 

As to claim 39, Vu et al. teaches wherein the initiating comprises initiating execution of 
the additional code in a secure manner without requiring any additional bus transactions to be 
supported by a processor in the computer (see column 3, line 61 through column 4, line 10). 

As to claim 43, Vu et al. teaches further comprising: 

receiving, from a central processing unit, a read request corresponding to a central 
processing unit reset vector (see column 5, lines 27-35); 

responding to the read request with instructions to cause the central processing unit to 
jump to a starting location of the trusted core (see column 5, lines 33-36). 

As to claim 44, Vu et al. teaches wherein the loading the additional code comprises 
copying different portions of the additional code from a plurality of different sources including 
one or more of: a local mass storage device, a remote device, and a local chipset (see column 4, 
lines 52-62). 
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As to claim 45, Vu et al. teaches one or more computer- readable memories containing a 
computer program that is executable by a processor to perform the method recited in claim 36 
(see column 7, lines 12-30 and see rejected claim 36 above). 

As to claim 57, Vu et al teaches an apparatus (see column 1, lines 7-10) comprising: 
a processor reset portion to assert a reset signal to a processor (see column 5, lines 27- 
35); and 

a memory protector portion to prevent any bus master from accessing memory until the 
processor completes execution of a misted core initialization process (see column 4, lines 63-67), 
and allow any bus master to access the memory after the processor completes execution of the 
trusted core initialization process (see column 5, lines 33-40). 

As to claim 58, Vu et al. teaches wherein the apparatus comprises a programmable logic 
device (see figure 5, reference number 68). 

As to claim 59, Vu et al. teaches wherein the processor reset portion comprises a 
processor bus interface (see column 5, lines 27-35, and see figure 5). 

As to claim 60, Vu et al. teaches wherein the memory protector portion comprises a 
control logic that ignores any request to access the memory received from any bus master until 
the processor completes the execution of the trusted core initialization process (see column 4, 
lines 63-67). 
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As to claim 64, Vu et al. teaches further comprising a storage portion in which a portion 
of the trusted core is stored (see column 2, lines 52-62). 

As to claim 65, Vu et al, teaches wherein the portion of the trusted core stored in the 
storage portion comprises a platform trusted core portion (see column 2, lines 52-62). 

As to claim 66, Vu et al. teaches a computer comprising: 

a processor; a bus master; a system memory; and a memory controller coupled to the 
processor, the bus master, and the system memory (see figure 5), the memory controller being 
configured to, 

allow access to the system memory from the processor and the bus master 
operating based on untrustworthy code (see column 6, lines 3-21), 

reset the processor to begin a trusted core initialization process (see column 5, 
lines 27-35), and 

prevent the bus master from accessing the system memory until after the trusted 
core initialization process is completed (see column 4, lines 63-67). 

As to claim 68, Vu et al. teaches a method comprising: 

allowing execution of different trusted cores in a computer to be initiated serially without 
requiring the computer to be re-booted (see column 5, lines 24-48, and see column 6, lines 3-21). 
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As to claim 69, Vu et al. teaches wherein the allowing further comprises allowing 
execution of the different trusted cores to be initiated at arbitrary times (see column 5, lines 24- 
30, where it is inherent that the "secure services routine" can be initiated whenever they are 
needed by calling an interrupt). 

As to claim 70, Vu et al. teaches wherein the different trusted cores are different versions 
of the same trusted core (see column 5, lines 33-40, where it is inherent that the other trusted 
core could be a different version of the same trusted core especially during the development of 
the trusted core). 

As to claim 71, Vu et al. teaches wherein the resetting comprises asserting, on a processor 
bus, a RESET# signal to each of the one or more central processing units (see column 5, lines 
27-35). 

As to claim 72, Vu et al. teaches wherein the resetting comprises clearing a state of each 
of the one or more central processing units (see column 5, lines 27-35). 

As to claim 73, Vu et al. teaches wherein the state of a central processing unit comprises 
instructions and data residing in any caches and buffers of the central processing unit (see 
column 5, lines 27-35). 
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As to claim 74, Vu et al. teaches wherein the state of a central processing unit comprises 
instructions and data residing in any registers of the central processing unit (see column 5, lines 
27-35). 

As to claim 79, Vu et ah teaches wherein the reset signal clears a state of the processor 
(see column 5, lines 27-35). 

As to claim 80, Vu et al. teaches wherein the state of the processor includes instructions 
and data residing in any caches or buffers of the processor (see column 5, lines 27-35). 

As to claim 81, Vu et al. teaches wherein the processor reset portion is to assert the reset 
signal on a processor bus (see column 5, lines 27-35). 

As to claim 82, Vu et al. teaches wherein the reset signal comprises RESET# (see column 
5, lines 27-35). 

As to claim 83, Vu et al. teaches wherein the memory controller is further configured to 
reset the processor by clearing a state of the processor (see column 5, lines 27-35). 



As to claim 84, Vu et al. teaches wherein the state of the processor includes instructions 
and data residing in any caches and buffers of the processor (see column 5, lines 27-35). 
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As to claim 85, Vu et al. teaches wherein the state of the processor includes instructions 
and data residing in any registers of the processor (see column 5, lines 27-35). 

As to claim 86, Vu et al. teaches wherein the memory controller is further configured to 
reset the; processor by asserting, on a processor bus, a reset signal to the processor (see column 
5, lines 27-35). 

As to claim 87, Vu et al. teaches wherein the memory controller is further configured to 
reset the processor by asserting a RESET# signal to the processor (see column 5, lines 27-35). 

As to claim 88, Vu et al. teaches a method (see abstract) comprising: 

allowing operation of a computer to begin based on untrusted code (see column 6, lines 

3-21); 

loading, under control of the untrusted code, a trusted core into memory of the computer 
(see column 6, lines 3-10); 

preventing each of one or more central processing units and each of one or more bus 
masters in the computer from accessing the memory (see column 4, lines 63-37); 

clearing a state of each of the one or more central processing units (see column 5, lines 

27-35); 

allowing one central processing unit to access the memory and execute trusted core 
initialization code to initialize the trusted core (see column 5, lines 33-40); and 
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after execution of the trusted core has been initialized, allowing any other central 
processing units and any bus masters in the computer to access the memory (see column 5, lines 
33-40). 

As to claim 89, Vu et ah teaches wherein the preventing comprises preventing each of the 
one or more central processing units and each of the one or more bus masters from accessing the 
memory in response to an initialize trusted core command received from one of the one or more 
central processing units (see column 4, lines 63-67). 

As to claim 90, Vu et al. teaches wherein the state of a central processing unit comprises 
instructions and data residing in any caches and buffers of the central processing unit (see 
column 5, lines 27-35). 

As to claim 91, Vu et al. teaches wherein the state of a central processing unit comprises 
instructions and data residing in any registers of the central processing unit (see column 5, lines 
27-35). 

4. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public use or on 
sale in this country, more than one year prior to the date of application for patent in the United States. 
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5. Claims 46, 48-52, and 75-78 are rejected under 35 U.S.C. 102(b) as being anticipated by 
Mattison (U.S. patent No. 5,778,070). 

As to claim 46, Mattison teaches a memory controller (see figure 2, reference number 
104) comprising: 

a first interface to allow communication with a processor (see figure 2, reference numbers 
202 and 204); 

a second interface to allow communication with a system memory (see figure 2, reference 
numbers 206 and 208); and 

a controller, coupled to the first interface and the second interface, to reset a processor 
and to allow the processor to execute a code initialization process while preventing any other 
processors from accessing the system memory (see column 8, lines 29-38). 

As to claim 48, Mattison teaches wherein the first interface comprises a processor bus 
interface (see figure 2, reference numbers 202 and 204). 



As to claim 49, Mattison teaches wherein the memory controller operates without 
requiring the processor bias interface to support any additional commands on the processor bus 
(see column 8, lines 29-38). 
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As to claim 50, Mattison teaches wherein the system memory comprises a dynamic 
random access memory (see figure 2, reference number 106, where it is inherent that most 
modern computer systems use "dynamic random access memory" for system memory. 

As to claim 51, Mattison teaches wherein the controller is further to allow the processor 
to execute the code initialization process while preventing any bus masters from accessing the 
system memory (see column 8, lines 39-60). 

As to claim 52, Mattison teaches a memory controller as recited in claim 46, wherein the 
controller is further to: 

reset any other processor coupled to the memory controller prior to allowing the 
processor to execute the code initialization process (see column 8, lines 27-38);- 

prevent any other processor and any bus master coupled to the memory controller from 
accessing the system memory until the one process executes the code initialization process (see 
column 8, lines 39-60); and 

after execution of the code initialization process, allow any other central processing units 
coupled to the memory controller and any bus masters coupled to the memory controller to 
access the memory (see column 4, lines 8-14). 

As to claim 75, Mattison teaches wherein the controller is to reset the processor by 
clearing a stage of the processor (see column 8, lines 29-38). 
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As to claim 76, Mattison teaches wherein the clearing the state of the processor 
comprises clearing all instructions and data from any caches or buffers of the processor (see 
column 8, lines 29-38). 

As to claim 77, Mattison teaches wherein the controller is to reset the processor by 
asserting, on a processor bus, a reset signal to the processor (see column 8, lines 29-38). 

As to claim 78, Mattison teaches wherein the reset signal comprises RESET# (see 
column 8, lines 29-38). 

Claim Rejections - 35 USC §103 

6. The following is a quotation of 35 U.S. C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set forth in 
section 102 of this title, if the differences between the subject matter sought to be patented and the prior art are 
such that the subject matter as a whole would have been obvious at the time the invention was made to a person 
having ordinary skill in the art to which said subject matter pertains. Patentability shall not be negatived by the 
manner in which the invention was made. 

7. Claims 2-4, and 42 are rejected under 35 U.S.C. 103(a) as being unpatentable over Vu et 
al (U.S. patent No. 6,557,104 B2) in view of Virajpet et al. (U.S. patent No. 6,480,948 Bl). 

As to claim 2, Vu et al. does not teach wherein the one or more processors comprise one 
or more controllers of one or more memory controllers. 

Viraipet et al. teaches wherein the one or more processors comprise one or more 
controllers of one or more memory controllers (see column 5, lines 17-42). 
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It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Vu et al. by the teachings of Virajpet et al. because 
wherein the one or more processors comprise one or more controllers of one or more memory 
controllers would allow the processor to write values in the memory controller to change the 
memory map (see Virajpet et al. , column 5, lines 17-42). 

As to claim 3, Vu et al. as modified, teaches wherein the one or more memory controllers 
are distributed among the one or more central processing units (see Virajpet et al. , figure 1, 
reference numbers 10 and 12). 

As to claim 4, Vu et al. as modified, teaches wherein the plurality of instructions 
comprise microcode to be executed by the one or more memory controllers (see Virajpet et al. , 
column 5, lines 17-42). 

As to claim 42, Vu et al. does not teach further comprising: 

remapping the trusted core to appear at an address where a central processing unit starts 
executing after being reset. 

Virajpet et al. teaches further comprising: remapping the trusted core to appear at an 
address where a central processing unit starts executing after being reset (see column 3, lines 1- 
28). , 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Vu et al. by the teachings of Virajpet et al. because further 
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comprising: remapping the trusted core to appear at an address where a central processing unit 
starts executing after being reset would make access to interrupt code faster by accessing code in 
SRAM instead of ROM (see Viraipet et al. , column 3, lines 18-28). 

8. Claims 5 and 10 are rejected under 35 U.S.C. 103(a) as being unpatentable over Vu et al. 
(U.S. patent No. 6,557,104 B2) in view of Frank, Jr. et al. (U.S. patent No. 6,546,489 Bl). 

As to claim 5, Vu et al. does not teach wherein the untrusted code includes code from a 
basic input output system (BIOS) and code from a plurality of option read only memories 
(ROMs). 

Frank, Jr. et al. teaches wherein the untrusted code includes code from a basic input 
output system (BIOS) and code from a plurality of option read only memories (ROMs) (see 
column 4, 'line 66 through column 5, line 6). 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Vu et al. by the teachings of Frank, Jr. et al. because 
wherein the untrusted code includes code from a basic input output system (BIOS) and code 
from a plurality of option read only memories (ROMs) would realize more of the types of 
memory that are subject to contamination (see Frank, Jr. et al. , column 5, lines 3-6). 



As to claim 10, Vu et al. does not teach wherein the loading the trusted core comprises 
copying at least a portion of the trusted core from a local mass storage device into the memory. 
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Frank, Jr. et al. teaches wherein the loading the trusted core comprises copying at least a 
portion of the trusted core from a local mass storage device into the memory (see column 5, lines 
31-45). 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Vu et al. by the teachings of Frank, Jr. et al. because 
wherein the loading the trusted core comprises copying at least a portion of the trusted core from 
a local mass storage device into the memory would allow the host computer to be activated with 
a memory image source whose source is impervious to virus or inadvertent corruption (see 
Frank, Jr. et al. , abstract). 

9. Claims 8-9 are rejected under 35 U.S.C. 103(a) as being unpatentable over Vu et al. (U.S. 
patent No. 6,557,104 B2) in view of Faber et al. patent No. 6,477,252 Bl). 

As to claim 8, Vu et al. does not teach wherein the loading the trusted core comprises 
copying different parts of the trusted core from one or more sources and combining the different 
parts to assemble the trusted core. 

Faber et al. teaches wherein the loading the trusted core comprises copying different 
parts of the trusted core from one or more sources and combining the different parts to assemble 
the trusted core (see figure 3, step 318). 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Vu et al. by the teachings of Faber et al. because wherein 
the loading the trusted core comprises copying different parts of the trusted core from one or 



Application/Control Number: 09/721,398 Page 21 

Art Unit: 2164 

more sources and combining the different parts to assemble the trusted core would protect the 
content of the data stream (see Faber et al. „ column 1, lines 9-13). 

As to claim 9, Vu et al. as modified, teaches wherein combining the different parts 
comprises exclusive-ORing bits of the different parts (see Faber et al. , figure 3, step 318). 

10. Claim 1 1 is rejected under 35 U.S.C. 103(a) as being unpatentable over Vu et al. (U.S. 
patent No. 6,557,104 B2) in view of Cox et al. patent No. 5,349,643). 

As to claim 11, Vu et al. does not teach wherein the loading the trusted core comprises 
copying at least a portion of the trusted core from a remote device into the memory. 

Cox et al. teaches wherein the loading the trusted core comprises copying at least a 
portion of the trusted core from a remote device into the memory (see abstract). 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Vu et al. by the teachings of Cox et al. because wherein the 
loading the trusted core comprises copying at least a portion of the trusted core from a remote 
device into the memory would allow secure boot for a diskless workstation (see Cox et al. , 
column 1, lines 7-10). 



1 1 . Claims 14-15 are rejected under 35 U.S.C. 103(a) as being unpatentable over Vu et al. 
(U.S. patent No. 6,557,104 B2) in view of Collins et al. patent No. 6,378,072 Bl). 
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As to claim 14, Vu et al. does not teach wherein the plurality of instructions further cause 
the one or more processors to perform acts including: 

extracting a cryptographic measure of the trusted core in the memory; and 
storing the extracted cryptographic measure. 

Collins et al. teaches wherein the plurality of instructions further cause the one or more 
processors to perform acts including: extracting a cryptographic measure of the trusted core in 
the memory (see column 9, lines 12-42); and storing the extracted cryptographic measure (see 
column 9, lines 54-60, where it is inherent that the checksum developed from the original form 
of the program file would be stored locally to be compared with the one generated by the 
cryptographic processor). 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Vu et al. by the teachings of Collins et al. because wherein 
the plurality of instructions further cause the one or more processors to perform acts including: 
extracting a cryptographic measure of the trusted core in the memory; and storing the extracted 
cryptographic measure would allow for a check to make sure the program file is authentic (see 
Collins et al. , column 9, lines 12-20). 

As to claim 15, Vu et al. as modified, teaches wherein the plurality of instructions further 
cause the one or more processors to perform acts including: 

resetting a cryptographic processor (see Collins et al. , column 8, lines 12-28); 

requesting the cryptographic processor to extract the cryptographic measure (see Collins 
et al. , column 9, lines 12-42); and 
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receiving the extracted cryptographic measure from the cryptographic processor (see 
Collins et aL , column 9, lines 32-36 and see lines 54-60). 

12. Claim 47 is rejected under 35 U.S.C. 103(a) as being unpatentable over Mattison (U.S. 
patent No. 6,615,355 B2) in view of 486 Microprocessors , SSV Software Systems PC/104 
Products, http://www.ssv-embedded.de/ssv/pcl04/p71.htm , March 13, 1998 (hereinafter referred 
to as 486 Microprocessors) . 

As to claim 47, Mattison does not teach wherein the memory controller is included in a 
processor. 

486 Microprocessors teaches wherein the memory controller is included in a processor 
(see page 2, 486 Cache Unit). 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Mattison by the teachings of 486 Microprocessors because 
wherein the memory controller is included in a processor would allow control of the onboard 
cache memory on the processor. 



13. Claims 61 and 67 are rejected under 35 U.S.C. 103(a) as being unpatentable over Vu et 
aL (U.S. patent No. 6,557,104 B2) in view of Stumpfet al. (U.S. patent No. 5,175,829). 
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As to claim 61, Vu et al. does not teach further comprising a controller, coupled to the 
memory protector portion, to prevent another processor from accessing memory until the 
processor completes execution of the trusted core initialization process. 

Stumpf et al. teaches further comprising a controller, coupled to the memory protector 
portion, to prevent another processor from accessing memory until the processor completes 
execution of the trusted core initialization process (see abstract). 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Vu et al. by the teachings of Stumpf et al. because further 
comprising a controller, coupled to the memory protector portion, to prevent another processor 
from accessing memory until the processor completes execution of the trusted core initialization 
process would stop any other processors from accessing that section of memory during atomic 
operations (see Stumpf et al. , abstract). 

As to claim 67, Vu et al. does not teach further comprising a plurality of additional 
processors and preventing the plurality of additional processors from accessing the system 
memory until after the trusted core initialization process is completed. 

Stumpf et al. teaches further comprising a plurality of additional processors and 
preventing the plurality of additional processors from accessing the system memory until after 
the trusted core initialization process is completed (see abstract). 

It would have been obvious to a person having ordinary skill in the art at the time the 
invention was made to have modified Vu et al. by the teachings of Stumpf et al. because further 
comprising a plurality of additional processors and preventing the plurality of additional 
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processors from accessing the system memory until after the trusted core initialization process is 
completed would stop any other processors from accessing that section of memory during atomic 
operations (see Stumpf et al. , abstract). 

Allowable Subject Matter 

14. Claims 30-33 and 62-63 are allowed. 

15. Claims 17-21, 40-41, 53-56 are objected to as being dependent upon a rejected base 
claim, but would be allowable if rewritten in independent form including all of the limitations of 
the base claim and any intervening claims. 



Response to Arguments 
16. Applicant's arguments with respect to claim 36 have been considered but are not deemed 
persuasive. 

In response to the applicant's arguments that "Vu does not disclose the resetting each of 
the one or more central processing units", the arguments have been fully considered but are not 
deemed persuasive. Vu et al. states "[T]he SMI initializes the system processor into SMM", (see 
column 5, lines 32-33). Initialize means to set into a starting state, which would include resetting 
the processor to get it to the starting state. Therefore Vu et al. discloses this limitation. 
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In response to the applicant's arguments that "Vu does not disclose preventing each of 
the one or more central processing units and each of the one or more bus masters in the computer 
from accessing the memory, and after execution of the trusted core has been initialized, allowing 
any other central processing units and any bus masters in the computer to access the memory", 
the arguments have been fully considered but are not deemed persuasive. Vu et al. discloses 
preventing the processing units and the bus masters in the computer from accessing the memory 
in column 4, lines 63 through column 5, line 10. Here he discloses locking SMRAM to prevent 
any processes from accessing the data stored in SMRAM. If the processes cannot access the 
SMRAM, it also stands to reason that the processor, which performs these processes, cannot 
access the SMRAM since the processor only performs actions as instructed by processes. Vu et 
aL discloses allowing, after the core has been initialized, the processor and bus masters to access 
the memory in column 5, lines 24-48. Here he discloses initializing the processor into SMM, 
and after initializing the processor accessing the key and programs stored in SMRAM and 
executing the requested security processing in the SMM. Vu et al. discloses only one processor 
and only one bus master, which also is the processor. Therefore since he discloses allowing any 
processors and bus masters to access the memory after the processor has been initialized, he 
teaches these limitations. 

In response to the applicant's arguments that "Vu does not disclose loading, under the 
control of untrustworthy code, additional code into memory, and initiating execution of the 
additional code in a secure manner despite the untrustworthy code in the computer, and initiating 
the code in a secure manner despite the untrustworthy code in the computer", the arguments have 
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been fully considered but are not deemed persuasive. Vu et al. discloses loading under the 
control of the boot code, cryptographic keys and programs (see column 5, lines 1-10). Vu et al. 
does not disclose any reason why the boot code should be trustworthy and does not disclose any 
mechanisms for keeping it secure. Vu et al. teaches the "Security Services routine" that securely 
initializes the programs and key stored in SMRAM, and executes them (see column 5, lines 24- 
48). He also discloses preventing the programs in SMRAM from being accessed by other 
processes until they are securely initialized (see column 4, lines 63-67). Therefore Vu et al. 
teaches these limitations. 

In response to the applicant's arguments that "Nowhere in this cited portion is there any 
discussion or mention of reveiving, from a central processing unit, a read request corresponding 
to a central processing unit reset vector", the arguments have been fully considered but are not 
deemed persuasive. Vu et al. discloses invoking a interrupt which causes the processor to be 
initialized into SMM mode. Interrupts work by reading from the interrupt vector table to find 
out how to process the interrupt. This interrupt is causing the system to be initialized (restarted) 
into SMM mode and then invokes a security function that goes (jumps) to the section of 
SMRAM where the key and programs are located and executes them. Therefore Vu et al. reads 
on these limitations. 

In response to the applicant's arguments that "Vu does not disclose allowing execution of 
different trusted cores in a computer to be initiated serially without requiring the computer to be 
re-booted", the arguments have been fully considered but are not deemed persuasive. Vu 
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discusses loading the cryptographic key and program after boot time without restarting the 
computer as long as the system is in secure mode. It is inherent to one skilled in the art that 
different programs and keys would be loaded during run time and not just the same key and 
program. For instance, if an update to the program was made, the updated program could then 
be loaded instead of the original program. In column 6, lines 16-21, Vu et al. discloses that 
numerous variations of loading cryptographic keys and programs are within the scope of the 
invention. Therefore Vu et al. reads on these limitations. 

In response to the applicant's arguments that "Mattison c 070 does not disclose a memory 
controller comprising a controller to reset a processor", the arguments have been fully considered 
but are not deemed persuasive because Matt i son discusses both disabling and clearing all data 
and instructions from the cache on the processor which is in effect clearing and resetting the 
processor. This disabling and clearing occurs because of the "memory address/window detector" 
which controls both the processor and the memory. Therefore Mattison discloses these 
limitations. 

In response to the applicant's arguments that "Vu in view of Virajpet does not disclose or 
suggest remapping the additional code to appear at an address where a central processing unit 
starts executing after being reset, the additional code having been loaded under the control of 
untrustworthy code", the arguments have been fully considered but are not deemed persuasive. 
Virajpet et al. teaches remapping the code to appear at a different location. Vu et al. teaches 
setting the code at an address where the central processing unit starts executing after being reset, 
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the additional code having been loaded under control of untrustworthy code. Combining the 
teachings of Vu et al, with Viraipet et al. is an obvious step in several situations including if there 
is more than one program located in the secure memory of Vu et al. 

Conclusion 

1 7. Applicants amendment necessitated the new ground(s) of rejection presented in this 
Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP § 706.07(a). 
Applicant is reminded of the extension of time policy as set forth in 37 CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within TWO 
MONTHS of the mailing date of this final action and the advisory action is not mailed until after 
the end of the THREE-MONTH shortened statutory period, then the shortened statutory period 
will expire on the date the advisory action is mailed, and any extension fee pursuant to 37 
CFR 1 . 1 36(a) will be calculated from the mailing date of the advisory action. In no event, 
however, will the statutory period for reply expire later than SIX MONTHS from the date of this 
final action. 

18. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Jacob F. Betit whose telephone number is (703) 305-3735. The 
examiner can normally be reached on Monday through Friday 9 am to 5 pm. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Dov Popovici can be reached on (703) 305-3830. The fax phone number for the 
organization where this application or proceeding is assigned is 703-872-9306. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). 
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